The Port of Nagoya in Japan has resumed some container operations after being hit by a ransomware attack on Tuesday. According to Bloomberg, five terminals are returning to operation as the port works to recover from the cyberattack. The attack has been claimed by LockBit 3.0, a well-known Russian ransomware gang, according to the Nagoya Harbor Transportation Association.
LockBit 3.0 has been unusually active over the past week, with other victims including Taiwanese chip maker TSCM, as well as organizations in the Netherlands, Spain, Canada, and the US, according to Tech Monitor. The amount of ransom demanded by LockBit 3.0 in the Nagoya Port attack remains unknown.
The attack on the Port of Nagoya highlights the ongoing risk to critical infrastructure, which can cause disruptions that impact millions of people and businesses. Roy Akerman, Co-Founder and CEO of Rezonate, emphasized the need for nations to protect critical infrastructure and quickly respond to such attacks. Duncan Greatwood, CEO of Xage Security, echoed this sentiment, stating that the attack on the port is another example of cyber threats targeting critical infrastructure worldwide.
The effects of the attack on the Port of Nagoya are likely to disrupt the operation or management of the shipping terminals themselves. It is unclear whether the attack targeted cyber-physical systems at the dockside or IT systems that control the cyber-physical environment, or both. To improve resilience against such attacks, a more decentralized and zero-trust cyber protection approach should be adopted, according to Greatwood.
The attack on the port also highlights the potential impact of cyberattacks on global supply chains and financial losses. Nick Tausek, Lead Security Automation Architect at Swimlan, emphasized the need for organizations to prioritize cybersecurity best practices to prevent ransomware attacks from disrupting crucial shipping processes. Security automation tools, especially those that leverage low-code principles, can help security teams keep pace with the evolving threat landscape, reducing the burden on security operations.
Ransomware has evolved from being a threat to data to directly disrupting operations in infrastructure targets. James McQuiggan, a security awareness advocate at KnowBe4, warns that ransomware attacks are likely to remain a persistent threat in the long-term. He emphasizes the need for organizations to implement a proactive and comprehensive approach to cybersecurity, including investing in advanced threat detection technologies, regularly assessing vulnerabilities, and fostering a strong cybersecurity culture.
Ransomware attacks, like the one on the Port of Nagoya, have become inevitable, according to Carol Volk, EVP at BullWall. She advises organizations to prepare their cyber defenses, including ransomware containment systems, regular backups, strong security measures, employee training, and incident response plans. By acknowledging the inevitability of ransomware attacks and taking proactive measures, businesses can enhance their resilience and safeguard critical systems.
The attack on the Port of Nagoya serves as a reminder of the increasing threat of ransomware attacks targeting critical infrastructure. It highlights the need for organizations and nations to prioritize cybersecurity and implement measures to prevent, detect, and respond to such attacks effectively. As cybercriminals continue to evolve their tactics, it is crucial for businesses and governments to stay ahead and invest in advanced security technologies and practices.